edit: This is forwarder, going to have to forward somewhere I have not used the forwarder since they enabled unbound.. Well really before that when unbound was just a package. A resolver is just so much better than a forwarder. Not sure why anyone still uses it to be honest

In a nutshell if you have an alias that is not working, you need to check the table. If entries not in the table then you need to figure out why the resolution of whatever FQDN is not working is not in the table. Pfsense needs to be able to resolve the FQDN you put in there for it to be able to put in the table..

So normally such problems just come down to name resolution troubleshooting.. Which doesn't look like any was done before bug report filed

« Last Edit: October 17, 2017, 10:51:28 am by johnpoz »

Logged

- An intelligent man is sometimes forced to be drunk to spend time with his fools.- Please don't PM me for personal help- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/1x SG-2440 2.4.2-RELEASE-p1 (work)1x SG-4860 2.4.2-RELEASE-p1 (home)

edit: This is forwarder, going to have to forward somewhere I have not used the forwarder since they enabled unbound.. Well really before that when unbound was just a package. A resolver is just so much better than a forwarder. Not sure why anyone still uses it to be honest

In a nutshell if you have an alias that is not working, you need to check the table. If entries not in the table then you need to figure out why the resolution of whatever FQDN is not working is not in the table. Pfsense needs to be able to resolve the FQDN you put in there for it to be able to put in the table..

So normally such problems just come down to name resolution troubleshooting.. Which doesn't look like any was done before bug report filed

I also did a 'cat /etc/hosts' and the nas.fqdn.private entry is in there. I think we can discount the 'if pfsense cannot resolve it it won't be in a table' issue as pfSense can not only resolve it, it's put it into it's Hosts file.

The first DNS server listed in System -> General Setup was dead. It was working fine as there were anotehr 3 DNS servers in there. As soon as I replaced this one server with a working one I started seeing 'filterdns' entries in the System|DNS Resolver log. I checked the rules and they have started working now as well.

What I don't understand is:

1. The majority of the aliases are for internal IP's and therefore don't need external DNS resolution;2. The majority of the aliases are for DHCP leases and are therefore registered by the DHCP service and appear in the pfSense Hosts file so again don't need external resolution;3. If you have 4 listed DNS servers and one breaks then why should this stop aliases working;4. What has changed that this issue did not appear before the upgrade to v2.4;

If I have a working system and I upgrade it and parts of it stops working then that's a problem. It's a bug. A bug in the upgrade. A bug in the way something works. But it's a bug. Something that should work doesn't. That's clear from this.

I would do normally. But there is already a bug open for this. The way it was also completely dismissed without waiting for further information and pushed back to the forum means I'm not going to waste my time going through the hoops to do it. I appreciate that there was not a lot of information given on the issue raised but the way it was handled was poor. Pre-empting an issue as not a bug 'because we don't see it here' is a naive viewpoint and a does not encourage people to feedback on their project.

But I do appreciate your help in this ggzengel. Between the pair of us it lead me to find what I did. It's been much appreciated.